Common Ports
| Port number | Service name | Transport protocol | Description |
|---|---|---|---|
7 | Echo | TCP, UDP | Echo service |
19 | CHARGEN | TCP, UDP | Character Generator Protocol, has severe vulnerabilities and thus is rarely used nowadays |
20 | FTP-data | TCP, SCTP | File Transfer Protocol data transfer |
21 | FTP [[FTP (21)]] | TCP, UDP, SCTP | File Transfer Protocol command control |
22 | TCP, UDP, SCTP | Secure Shell, secure logins, file transfers ( | |
23 | Telnet | TCP | Telnet protocol, for unencrypted text communications |
25 | SMTP [[SMTP (25, 465)]] | TCP | Simple Mail Transfer Protocol, used for email routing between mail servers |
42 | WINS Replication | TCP, UDP | Microsoft Windows Internet Name Service, vulnerable to attacks on a local network |
43 | WHOIS | TCP, UDP | Whois service, provides domain-level information |
49 | TACACS | UDP; can also use TCP but not necessarily on port 49 | Terminal Access Controller Access-Control System, provides remote authentication and related services for network access |
53 | DNS [[DNS (53)]] | TCP, UDP | Domain Name System name resolver |
67 | DHCP/BOOTP | UDP | Dynamic Host Configuration Protocol and its predecessor Bootstrap Protocol Server; server port |
68 | DHCP/BOOTP | UDP | Dynamic Host Configuration Protocol and its predecessor Bootstrap Protocol Server; client port |
69 | TFTP | UDP | Trivial File Transfer Protocol |
70 | Gopher | TCP | Gopher is a communication protocol for distributing, searching, and retrieving documents in Internet Protocol (IP) networks |
79 | Finger | TCP | Name/Finger protocol and Finger user information protocol, for retrieving and manipulating user information |
80 | HTTP [[Web enumeration]] | TCP, UDP, SCTP | Hypertext Transfer Protocol (HTTP) uses TCP in versions 1.x and 2. HTTP/3 uses QUIC, a transport protocol on top of UDP |
88 | Kerberos | TCP, UDP | Network authentication system |
102 | Microsoft Exchange ISO-TSAP | TCP | Microsoft Exchange ISO Transport Service Access Point (TSAP) Class 0 protocol |
110 | TCP | Post Office Protocol, version 3 (POP3) | |
113 | Ident | TCP | Identification Protocol, for identifying the user of a particular TCP connection |
119 | NNTP (Usenet) | TCP | Network News Transfer Protocol |
123 | NTP | UDP | Network Time Protocol |
135 | Microsoft RPC EPMAP [[WMI (135)]] | TCP, UDP | Microsoft Remote Procedure Call (RPC) Endpoint Mapper (EPMAP) service, for remote system access and management |
137 | NetBIOS-ns [[SMB (445, 139)]] | TCP, UDP | NetBIOS Name Service, used for name registration and resolution |
138 | NetBIOS-dgm [[SMB (445, 139)]] | TCP, UDP | NetBIOS Datagram Service, used for providing access to shared resources |
139 | NetBIOS-ssn [[SMB (445, 139)]] | TCP, UDP | NetBIOS Session Service |
143 | TCP, UDP | Internet Message Access Protocol (IMAP), management of electronic mail messages on a server | |
161 | SNMP-agents (unencrypted) SNMP (10161, UDP 161) | UDP | Simple network management protocol; agents communicate on this port |
162 | SNMP-trap (unencrypted) SNMP (10161, UDP 161) | UDP | Simple network management protocol; listens for asynchronous traps |
177 | XDMCP | UDP | X Display Manager Control Protocol |
179 | BGP | TCP | Border Gateway Protocol |
194 | IRC | UDP | Internet Relay Chat |
201 | AppleTalk | TCP, UDP | AppleTalk Routing Maintenance. Trojan horses and computer viruses have used UDP port 201. |
264 | BGMP | TCP, UDP | Border Gateway Multicast Protocol |
318 | TSP | TCP, UDP | Time Stamp Protocol |
381 | HP Openview | TCP, UDP | HP performance data collector |
383 | HP Openview | TCP, UDP | HP data alarm manager |
389 | TCP, UDP | Lightweight directory access protocol | |
411 | (Multiple uses) | TCP, UDP | Direct Connect Hub, Remote MT Protocol |
412 | (Multiple uses) | TCP, UDP | Direct Connect Client-to-Client, Trap Convention Port |
427 | SLP | TCP | Service Location Protocol |
443 | HTTPS (HTTP over SSL) [[Web enumeration]] | TCP, UDP, SCTP | Hypertext Transfer Protocol Secure (HTTPS) uses TCP in versions 1.x and 2. HTTP/3 uses QUIC, a transport protocol on top of UDP. |
445 | [[SMB (445, 139)]] Microsoft DS SMB | TCP, UDP | Microsoft Directory Services: TCP for Active Directory, Windows shares; UDP for Server Message Block (SMB) file-sharing |
464 | Kerberos | TCP, UDP | For password settings on Kerberos |
465 | TCP | Authenticated SMTP over TLS/SSL (SMTPS), URL Rendezvous Directory for Cisco’s Source Specific Multicast protocol (SSM) | |
497 | Dantz Retrospect | TCP, UDP | A software suite for backing up operating systems |
500 | IPSec / ISAKMP / IKE | UDP | Internet Protocol Security / Internet Security Association and Key Management Protocol / Internet Key Exchange |
512 | TCP | Remote Process Execution | |
513 | rlogin [[R-Services (512,513,514)]] | TCP | The Unix program |
514 | syslog [[R-Services (512,513,514)]] | UDP | Syslog Protocol, for collecting and organizing all of the log files sent from the various devices on a network |
515 | LPD/LPR | TCP | Line Printer Daemon protocol, or Line Printer Remote protocol |
520 | RIP | UDP | Routing Information Protocol, used to find the optimal path between source and destination networks |
521 | RIPng (IPv6) | UDP | Routing Information Protocol next generation, the IPv6 compatible version of RIP |
540 | UUCP | TCP | Unix-to-Unix Copy Protocol |
548 | AFP | TCP | Apple Filing Protocol |
554 | RTSP | TCP, UDP | Real Time Streaming Protocol |
546 | DHCPv6 | TCP, UDP | Dynamic Host Configuration Protocol version 6. DHCPv6 Clients listen for DHCPv6 messages on UDP port 546. |
547 | DHCPv6 | TCP, UDP | DHCPv6 Servers and DHCPv6 Relay Agents listen for DHCPv6 messages on UDP port 547. |
560 | rmonitor | UDP | Remote Monitor |
563 | NNTP over TLS/SSL | TCP, UDP | Network News Transfer Protocol with encryption and verification |
587 | SMTP | TCP | For email message submission via SMTP |
591 | FileMaker | TCP | FileMaker Web Companion, the web publishing technology available in FileMaker versions 4-6 |
593 | Microsoft DCOM | TCP, UDP | Distributed Component Object Model (DCOM) |
596 | SMSD | TCP, UDP | SysMan Station daemon |
623 | IPMI [[IPMI (623 UDP)]] | UDP | IPMI |
631 | IPP | TCP | Internet Printing Protocol |
636 | TCP, UDP | Lightweight Directory Access Protocol over TLS/SSL | |
639 | MSDP (PIM) | TCP | Multicast Source Discovery Protocol, which is part of the Protocol Independent Multicast (PIM) family |
646 | LDP (MPLS) | TCP, UDP | Label Distribution Protocol, applies to routers capable of Multiprotocol Label Switching (MPLS) |
691 | Microsoft Exchange | TCP | Microsoft Exchange Routing |
860 | iSCSI | TCP | Internet Small Computer Systems Interface |
873 | rsync [[RSYNC (873)]] | TCP | The |
902 | VMware Server | TCP, UDP | VMware ESXi, a hypervisor |
989 | FTPS | TCP | File Transfer Protocol (data) over TLS/SSL |
990 | FTPS | TCP | File Transfer Protocol (control) over TLS/SSL |
993 | IMAP over SSL (IMAPS) [[IMAP POP3 (110, 143, 993, 995)]] | TCP | Internet Message Access Protocol over TLS/SSL |
995 | TCP, UDP | Post Office Protocol 3 over TLS/SSL | |
1025 | Microsoft RPC | TCP | Microsoft Remote Procedure Call |
1026-1029 | Windows Messenger | UDP | Windows Messenger popup spam |
1080 | SOCKS proxy | TCP (or UDP since SOCKS5) | SOCKS stands for Socket Secure. This protocol exchanges network packets between a client and server through a proxy server. |
1080 | MyDoom | TCP | Computer virus |
1194 | OpenVPN | TCP, UDP | OpenVPN |
1214 | KAZAA | TCP | A peer-to-peer file-sharing protocol |
1241 | Nessus | TCP, UDP | Nessus Security Scanner |
1311 | Dell OpenManage | TCP | Dell EMC OpenManage Server Administrator Web GUI |
1337 | WASTE | TCP | WASTE peer-to-peer encrypted file-sharing Program |
1433 | MSSQL [[MSSQL (1433)]] | TCP | MSSQL |
1521, 1522-1529 | Oracle TNS Listener [[Oracle TNS (1521,1522-1529,1748)]] | TCP | Oracle TNS Listener |
1589 | Cisco VQP | TCP, UDP | Cisco VLAN Query Protocol (VQP) |
1701 | L2TP VPN | TCP | Layer Two Tunneling Protocol Virtual Private Networking |
1720 | H.323 | TCP | H.323 Call Control Signaling, a VoIP call control protocol |
1723 | Microsoft PPTP | TCP, UDP | Point-to-Point Tunneling Protocol Virtual Private Networking |
1725 | Steam | UDP | Valve Steam Client uses port 1725 |
1741 | CiscoWorks SNMS 2000 | TCP | CiscoWorks Small Network Management Solution web server |
1755 | MMS | TCP, UDP | Microsoft Media Server |
1812 | RADIUS | UDP | RADIUS server authentication and authorization |
1813 | RADIUS | UDP | RADIUS server accounting |
1863 | (Multiple uses) | TCP, UDP | MSN Messenger, Xbox Live 360 |
1900 | UPnP | UDP | Universal Plug and Play |
1985 | Cisco HSRP | UDP | Hot Standby Router Protocol |
2000 | Cisco SCCP | TCP | Skinny Client Control Protocol |
2002 | Cisco ACS | TCP | Access Control Server |
2049 | UDP | Network File Sharing | |
2082 | cPanel | TCP, UDP | cPanel default |
2083 | radsec, cPanel | TCP, UDP | Secure RADIUS Service ( |
2100 | amiganetfs | TCP | Amiga Network Filesystem |
2222 | DirectAdmin | TCP | Graphical web hosting control panel |
2302 | Gaming | UDP | The game HALO uses this port extensively |
2483 | Oracle | TCP, UDP | Oracle database listening for insecure client connections to the listener, replaces port 1521 |
2484 | Oracle | TCP, UDP | Oracle database listening for SSL client connections to the listener |
2745 | Bagle.C – Bagle.H | TCP | Computer worms |
2967 | Symantec AV | TCP, UDP | Symantec System Center agent (SSC-AGENT) |
3050 | Interbase DB | TCP, UDP | Borland Interbase database |
3074 | XBOX Live | TCP, UDP | Gaming: Xbox LIVE and Games for Windows – Live |
3127 | MyDoom | TCP | Computer worm |
3128 | HTTP Proxy | TCP | Common web proxy server ports: 80, 8080, 3128, 6588 |
3222 | GLBP | TCP, UDP | Gateway Load Balancing Protocol |
3260 | iSCSI Target | TCP, UDP | Microsoft iSCSI Target Server |
3306 | MySQL [[MySQL (3306)]] | TCP | MySQL database system |
3389 | RDP [[RDP (3389)]] | TCP | Windows Remote Desktop Protocol (Microsoft Terminal Server) |
3689 | DAAP | TCP | Digital Audio Access Protocol, used by Apple’s iTunes and AirPort Express |
3690 | SVN | TCP, UDP | Apache Subversion, a version control system |
3724 | World of Warcraft | TCP, UDP | Some Blizzard games, Unofficial Club Penguin Disney online game for kids |
3784-3785 | Ventrilo VoIP | TCP, UDP | Ventrilo’s Voice over Internet Protocol program |
4333 | mSQL | TCP | Mini SQL server |
4444 | Blaster | TCP, UDP | Computer worm |
4500 | IPSec NAT Traversal | UDP | Internet Protocol Security Network Address Translation (NAT) Traversal |
4664 | Google Desktop | TCP | Google Desktop’s built-in HTTP server and indexing software |
4672 | eMule | UDP | Peer-to-peer file-sharing software |
4899 | Radmin | TCP | Remote computer control software |
5000 | UPnP | TCP | Universal Plug and Play |
5001 | iperf | TCP | Tool for measuring TCP and UDP bandwidth performance |
5004-5005 | RTP, RTSP | UDP | Real-time Transport Protocol, Real Time Streaming Protocol |
5050 | Yahoo! Messenger | TCP | Instant messaging service from Yahoo |
5060 | SIP | TCP, UDP | Session Initiation Protocol |
5061 | SIP-TLS | TCP | Session Initiation Protocol over TLS |
5190 | (Multiple uses) | TCP, UDP | ICQ, AIM (AOL Instant Messenger), Apple iChat |
5222-5223 | XMPP | TCP, UDP | Extensible Messaging and Presence Protocol Client Connection; also used in Google Talk, Jabber, Apple iChat, WhatsApp, etc. |
5353 | MDNS | UDP | Multicast DNS |
5432 | PostgreSQL | TCP | PostgreSQL database system |
5554 | Sasser | TCP | Computer worm |
5631-5632 | pcAnywhere | UDP | Symantec pcAnywhere |
5800 | VNC over HTTP | TCP | Virtual Network Computing (VNC) |
5900-5999 | RFB/VNC Server | TCP, UDP | VNC Remote Frame Buffer RFB protocol |
6000 | X11 | TCP | X Window System protocol for delivering payloads between X clients and servers |
6001 | X11 | UDP | X Window System protocol for delivering payloads between X clients and servers |
6112 | Diablo | TCP, UDP | Gaming |
6129 | DameWare | TCP | Remote access software developed by SolarWinds |
6257 | WinMX | UDP | Windows Music Exchange, peer-to-peer file-sharing freeware |
6346-6347 | Gnutella2 | TCP, UDP | Peer-to-peer network protocol |
6379 | Redis | TCP | Popular non-relational database management system (NoSql) |
6500 | GameSpy | TCP, UDP | Gaming |
6566 | SANE | TCP, UDP | Scanner Access Now Easy |
6588 | AnalogX | TCP | AnalogX proxy server |
6588 | HTTP Proxy | TCP | Common web proxy server ports: 80, 8080, 3128, 6588 |
6665-6669 | IRC | TCP | Internet Relay Chat |
6679, 6697 | IRC over SSL | TCP | Internet Relay Chat |
6699 | Napster | TCP | Peer-to-peer file-sharing application |
6881-6999 | BitTorrent | TCP, UDP | BitTorrent uses this range of ports the most often |
6891-6901 | Windows Live Messenger | TCP, UDP | Alternatively: MSN Messenger |
6970 | Quicktime | TCP, UDP | QuickTime streaming server |
7000 | Cassandra | TCP | Inter-node communication within the cluster on Apache Cassandra |
7001 | Cassandra | TCP | SSL-enabled inter-node communication within the cluster on Apache Cassandra |
7199 | Cassandra JMX | TCP | Java Management Extensions on Apache Cassandra |
7648-7649 | CU-SeeMe | TCP, UDP | Internet video conferencing client made by Cornell University |
8000 | Internet Radio | TCP | Commonly choice of alternate HTTP port for web applications |
8080 | HTTP Proxy [[Tomcat (8080)]] ?? | TCP | Common web proxy server ports: 80, 8080, 3128, 6588 |
8086 | Kaspersky AV | TCP | Kaspersky AV Control Center |
8087 | Kaspersky AV | UDP | Kaspersky AV Control Center |
8118 | Privoxy | TCP | Advertisement-filtering Web proxy |
8200 | VMware Server | TCP, UDP | VMware vSphere Fault Tolerance |
8222 | VMware Server | TCP, UDP | VMware Server Management User Interface (insecure Web interface). |
8500 | (Multiple uses) | TCP, UDP | Adobe ColdFusion, Flight Message Transfer Protocol |
8767 | Teamspeak | UDP | VoIP communication system for online gaming |
8866 | Bagle.B | TCP | Computer worm |
9042 | Cassandra | TCP | Apache Cassandra, a NoSql database |
9100 | PDL | TCP | PDL Data Stream, used for printing to certain network printers |
9101-9103 | Bacula | TCP, UDP | For automating backup tasks |
9119 | MXit | TCP, UDP | MXit Instant Messaging (deprecated) |
9800 | WebDAV | TCP, UDP | Web-based Distributed Authoring and Versioning, an extension of HTTP |
9898 | Dabber | TCP | Computer worm (Sasser) |
9999 | Urchin | TCP, UDP | Urchin Web Analytics |
10000 | (Multiple uses) | TCP, UDP | Network Data Management Protocol; applications: Webmin, BackupExec, Viatalk; gaming: The Matrix Online, Dungeon Fighter |
10161 | [[SNMP (10161, UDP 161)]] SNMP-agents (encrypted) | TCP | Simple network management protocol; agents communicate on this port |
10162 | SNMP-trap (encrypted) | TCP | Simple network management protocol; listens for asynchronous traps |
10113 | NetIQ | TCP, UDP | NetIQ Endpoint |
10114 | NetIQ | TCP, UDP | NetIQ Qcheck |
10115 | NetIQ | TCP, UDP | NetIQ Endpoint |
10116 | NetIQ | TCP, UDP | NetIQ VoIP Assessor |
11371 | OpenPGP | TCP, UDP | OpenPGP HTTP Keyserver |
12345 | NetBus | TCP | NetBus remote administration tool (Trojan horse) |
13720-13721 | NetBackup | TCP, UDP | NetBackup request daemon |
14567 | Battlefield | UDP | Gaming |
15118 | Dipnet/Oddbob | TCP | Trojan horse |
19226 | AdminSecure | TCP | Panda Software AdminSecure Communication Agent |
19638 | Ensim | TCP | Ensim Control Panel |
20000 | Usermin | TCP, UDP | Web email interface for regular non-root users |
24800 | Synergy | TCP, UDP | Keyboard/mouse sharing software |
25999 | Xfire | TCP | Communication tool for gamers (deprecated) |
27015 | Half-Life | UDP | Gaming |
27017 | MongoDB | TCP | NoSql database |
27374 | Sub7 | TCP, UDP | Trojan horse |
28960 | Call of Duty | TCP, UDP | Gaming |
31337 | Back Orifice | TCP, UDP | Remote administration tool used for Trojan horses |
33434+ | traceroute | UDP | Utility for displaying paths and measuring transit delays of packets across a network |
Source: https://www.stationx.net/common-ports-cheat-sheet/
Kubernetes
Service | TCP Ports |
|
|
|
|
|
|
|
|
|
|
|
|
Last updated